Matt Gordon-Smith has more than 25 years of information security experience and has led security programs. He says networking and relationship-building are critical to career success, but many aspiring CISOs face a major obstacle to interacting with other leaders: imposter syndrome.
Jana Partners has raised its stake in cybersecurity vendor Rapid7 to 13% and is pushing for the company to consider selling itself. The activist investor teamed up with Cannae Holdings and is engaged in discussions with Rapid7's management to explore operational improvements and board restructuring.
Banks, insurance and other financial services institutions are experiencing a wave of mergers and acquisitions. This activity comes with an exponential rise in identities that need to be secured. Newly acquired companies often lack visibility into all their identities resulting in overprovisioned access.
You can...
Picus Security has received $45 million in funding led by Riverwood Capital. The investment will accelerate product development in exposure management, including attack surface management and automated pen testing. The company plans to expand further in the Americas, targeting key growth areas.
Many organizations are moving too slowly towards addressing the human risk elements of security. At the heart of this lies a misunderstanding of human risk factors - with many believing the only contributors are Knowledge & understanding (85%) and Security behaviors (15%).
Recent CybSafe analysis suggests there are...
Preparing healthcare organizations to respond to and rebound from a disruptive ransomware attack is akin to implementing a "12-step program," said Dr. Eric Liederman, CEO of consultancy CyberSolutionsMD and recently retired long-serving director of medical informatics at Kaiser Permanente.
Successful governance, risk and compliance projects focus on delivering business value above all else, to safeguard the interests of all stakeholders - customers, employees, board members and regulators - said John Hermans, head of Europe cybersecurity and risk services at Wipro.
To run successful governance, risk and compliance programs, automation always trumps manual processes, said John Hermans, head of Europe cybersecurity and risk services at Wipro. He detailed best practices to eliminate, simplify, standardize and automate processes, backed by the right framework.
France’s cyber defense agency teamed up with governments and security experts from across the globe to identify and mitigate a historic level of both physical and cyber threats following years of preparation, experts tell Information Security Media Group.
Mimecast's acquisition of Aware bolsters its human risk management by adding AI and natural language processing capabilities for collaboration tools. The deal enhances security across communication platforms, addressing insider threats and compliance issues while boosting Mimecast's market presence.
The intersection of cyber supply chain security and third/fourth-party risk management presents significant challenges for CISOs. Here's how to take a proactive, comprehensive approach to cyber supply chain risk management to protect critical assets and enhance resilience against evolving threats.
Most hospitals prioritize cybersecurity but often lack the necessary resources to comply with these goals. The question becomes not about the practices, but the potential barriers to implementation, according to John Riggi at the American Hospital Association.
Enterprise Strategy Group (ESG) conducted an Economic Validation to measure the expected savings and benefits of implementing Splunk Security. By combining Splunk’s security information and event management (SIEM) and security orchestration, automation and response (SOAR) capabilities and workflows into a simplified...
With a modern security program, organizations have more visibility into their vast, interwoven environments and are able to achieve greater digital resilience.
In Building a Modern Security Program, we show you steps to take to expand into new or more advanced security use cases across your team and organization so...
An M&A due diligence process must include a comprehensive cybersecurity risk assessment, including all assets, threats, vulnerabilities and control measures, said Bradley Schaufenbuel, vice president and CISO at payroll and HR solution company Paychex.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.